Comment: Windows and the infinite bug threshold (Score 1) 235

by Douglas Goodall (#46799101) Attached to: Bug Bounties Don't Help If Bugs Never Run Out
"if that's above the infinite-bug-threshold, then you might as well not bother fixing any particular bug at that level, because the attacker can always just find another one. It doesn't even matter whether you have a prize program or not; the product is in a permanent state of unfixable vulnerability." Ah we are talking about Windows now eh?

Comment: Re:Not that good (Score 1) 188

by Douglas Goodall (#46798823) Attached to: Heartbleed Sparks 'Responsible' Disclosure Debate
I have to disagree strongly about this. All those rigorous code quality standards and very thorough code audits haven't done anything to improve the vulnerability situation with Windows. I get the CERT notifications and used to get the Microsoft ones as well, and they all look the same. A vulnerability in the code allows remote code execution and user promotion. The only recommended fix is to turn off some critical feature used by most developers. These bugs always seem to affect all known versions of the operating system, or all known versions of Office. The constant stream of these problems hasn't seemed to slow down at all over the last few decades. It seems to me that there is a major paradigm problem with Microsoft's code concepts, because these problems continue to occur no matter what proprietary development strategy they use. The trusted computing initiative declared all programmers to be untrustworthy and tried to keep them from writing real code. In my opinion all this trouble dates back to the early eighties when Microsoft ignored the boundary protections provided in the protected mode of the 286 and forward. It was just too much trouble for them to manage the descriptor tables and memory regions. Beyond this, Bill Gates' opinion that no-one needed more than 640K kept us in tight memory mode too long. Once we got into protected mode and had more memory, it would not have been that much overhead to use the boundary protection. It could have been added to the malloc code and frameworks. Deciding that operating systems should be written in BASIC was another hip Microsoft idea, and Vista proved that one out. Ballmer could have been shouting, "marketers, marketers, marketers", and probably was behind closed doors.

Comment: I hope things change before I die (Score 1) 379

Starting in 2000/2001 (outsourcing) the landscape changed, and development projects became very difficult to find. I had thought there would always be work for good people, and I thought I was one of them. Little did I know how little management cared for the retained wisdom of the more experienced software engineers. There are lots of young programmers around, but a commitment to larger practices was what made software engineers. I think it is a terrible waste that America has so many experienced software people flipping burgers or unemployed when we need so desperately to compete internationally.

Comment: It works for me, or rather doesn't (Score 1) 349

by Douglas Goodall (#46465365) Attached to: Crowdsourcing Confirms: Websites Inaccessible on Comcast
I am a COMCAST Business Internet customer. I can verify that COMCAST's DNS is not resolving your Chinese furniture store FQDNS name. I was able to access it though on my SPRINT based iPhone. I changed my notebook's DNS to lookup using GOOGLE and now things work better. I have noticed over the last week or so that I have trouble that is new with a number of web sites. I was thinking it might have to do with Kaspersky Internet Security for the Mac. I haven't been able to research that yet. My thanks to the original poster for bringing this to our attention.

Comment: Where MS rights end... (Score 1) 860

I have seen it written that Microsoft has the right to withdraw support for XP and move on. I am not so sure I agree with this. The number of machines out there that are currently running on XP is staggering. Not even counting all the automated teller machines. I do think it makes sense for Microsoft to compile in all the updates and make a new clean set of binaries. I am unclear on what benefits Windows 7 and Windows 8 provide that are important enough to justify the financial impact and expense of moving to newer OS and new hardware. Oh yea, a protected video path for Hollywood's higher def media. Is it so important to converge and use that as the justification? Cheap DVD and Bluray players with HDMI encryption cost under a hundred dollars now, so we don't really have to go to great trouble and expense of upgrading the entire world's hardware and software just to protect Hollywood's fears about media piracy. Part of Mickrosoft's decline is about the perception that they don't care about the user's needs.

Comment: Re:Too bad for expensive Mac Pro 2,1 systems (Score 1) 241

Thank you for your thoughts on this. As a software engineer I spent (and continue to spend) time thinking about how to serve the customers the best. In terms of maintainability, and documentation... The justification for the Apple-Tax(tm) is that the hardware remains viable longer, but if the OS times out because of lack of support, it doesn't matter if the hardware is still viable. How Apple balances this will ultimately determine their success in keeping the fanabois and gurls locked in. Apple can hardly say they don't have the money to support a backporting team to keep security updates coming. I think while the processor has enough horsepower, and the machine has sufficient RAM and the drive sufficient storage space, the machine should remain supported. Those of us with money to burn will always want the latest candy. Who doesn't want USB3, Thunderbolt, Bluetooth4... But I think quality computing shouldn't be just for those with excessive money to burn.

Comment: Too bad for expensive Mac Pro 2,1 systems (Score 1) 241

by Douglas Goodall (#46368871) Attached to: Apple Drops Snow Leopard Security Updates, Doesn't Tell Anyone
My very expensive Mac Pro 8-core 16GB-ram 3.0GHz machine is orphaned onto Snow Leopard because of its 32-bit boot ROM. I have been mad about my inability to upgrade the ROM and my inability to benefit from subsequent enhancements. I was consoling myself by considering the machine a general workstation capable of running GNU language tools and such, but I thought web and email would still be there. Although the CPUs are not the latest, 3.0GHz Xeon 8-core is still a muscle machine. Let me guess, Apple doesn't have enough money to pay engineers to back-port security fixes? You know I would have paid several hundred dollars to solve the boot-rom problem so I could move on with post SL operating systems. There is no doubt that I am happier on Mac OS X, but there is no reason for Apple to squeeze us this hard with this short upgrade cycle on the hardware. If I were just buying a thousand dollar notebook from them every three years, I could deal with that, but as a developer I am used to buying developer class machines. My current MacBook Pro was over three thousand dollars. 15" with retina, 2.8GHz Intel Core i7, 16GB-ram (1600 MHz DDR3) 750GB-SSD. I am curious how long this notebook will remain viable. The MacBooks I bought for my father and sister several years ago are already version restricted as well. Our family have been and want to remain pro-Apple but this is becoming more difficult as Apple's hardware design decisions cause continuing pain for the faithful. If I lose the remainder of my AppleFaith(tm) I will be transitioning to non-Apple hardware and *nix for generic workstation activity.

Comment: Unix vs the world (Score 1) 876

by Douglas Goodall (#46208009) Attached to: Ask Slashdot: Why Are We Still Writing Text-Based Code?
A fairly important comparison can be made between operating systems such as Unix that have text based configuration files, as opposed to Windows that has many binary configuration files that cannot be easily examined or understood. GUI programming might be nice, but until the GUI is up, there won't be any of that. As a career "Systems Programmer", I have chosen to stay close to the bare metal, and unless you are very skillful at expressing high level code such that it generates exactly the machine code you emanated, bare metal programming is still best done in assembly or a C derivative. Programming languages such as Visual Basic that were supposed to allow non-programmers to write programs are the root of a problem today that people capable of making programs using high level tools often don't have the experience or training to write safe, reliable, efficient code, maintainable and documented. Siri, please write a complete memory manager and interrupt system for my new microprocessor, so I can begin programming in tenth generation languages right away...

Comment: Thwarting Congress is very popular (Score 1) 383

by Douglas Goodall (#46102039) Attached to: Congressmen Say Clapper Lied To Congress, Ask Obama To Remove Him
Of course lying to Congress is bad, and it makes me feel bad about how poorly these people are behaving. But not only are politicians lying openly, it just makes me crazy when they leave the country to avoid testifying before Congress, then are allowed back into the country like nothing happened.

Comment: Re:Killing two birds with one stone? (Score 1) 408

by Douglas Goodall (#46001129) Attached to: US Government To Convert Silk Road Bitcoins To USD
That is an interesting comment. I remember a while back hearing an explanation about how banks create money. When they make certain kinds of loans (mortgages), they are only required to have a certain amount of the loan amount on hand, the balance is in effect dynamically created because the bank issuing the loan sends a check to the seller for the loan amount. It is a little more complicated than this, but in effect true.

Comment: It depends on whether the customer is a prick (Score 1) 303

by Douglas Goodall (#45834855) Attached to: Website Checkout Glitches: Two Very Different Corporate Responses
If the customer knows an error has occurred and refuses to resolve the error in good faith, they are being a prick. It is one thing if the vendor is playing bait and switch, and another if a real error occurred. In my mind it is a golden rule situation. With the narrow profit margins that retailers have these days, a loss like this can be catastrophic. What goes around comes around. When there is an error involved and the customer insists, I think it is a form of theft.